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In the Claims 

For the convenience of the Examiner, all pending claims are set forth below, whether 
or not an amendment is made. Please amend the claims as follows: 

1. (Currently Amended) An apparatus, comprising: 

an intrusion detection system (IDS) module coupled to a main central processing unit 
(CPU), the main CPU being operable to communicate a copy of one or more incoming 
packets to the IDS module, the IDS module having an IDS CPU, the IDS module operable to: 

determine that the IDS CPU has reached a particular threshold indicating that the IDS 
module is low on a resource; 

which is operable to identify a volume associated with the incoming packets in 
response to the determination; and 

in order to communicate feedback information to the main CPU, the feedback 
information signaling that the IDS module is expending a de signated amount of resources 
based on the volume, wherein low on the resource, the main CPU [[is]] operable to respond 
to the feedback information by restricting a number of additional incoming packets that are 
received by the main CPU. 

2. (Original) The apparatus of Claim 1, wherein the IDS module is operable to 
identify a plurality of thresholds, one or more of which are operable to trigger the feedback 
information to be communicated to the main CPU by the IDS module, the one or more 
thresholds each representing volume levels reflecting an amount of incoming packets that are 
received by the IDS module, and wherein the main CPU is operable to increase the volume 
associated with the incoming packets in response to receiving additional feedback from the 
IDS module. 

3. (Original) The apparatus of Claim 1, wherein the IDS module communicates 
with the main CPU based on a selected one of a router blade control protocol (RBCP) and a 
simple network management protocol (SNMP). 

4. (Original) The apparatus of Claim 1, wherein the IDS module is operable to 
communicate an alarm to a network management element that signals that the IDS module 
has reached a certain volume level associated with an amount of incoming packets received. 
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5. (Original) The apparatus of Claim 1, wherein the IDS module is operable to 
execute a transmission control protocol (TCP) reset in order to indicate an attack is being 
seen from a source address such that a connection corresponding to the source address may 
be torn down. 

6. (Original) The apparatus of Claim 1, wherein the IDS module is operable to 
block a source location by establishing an access control list (ACL) that includes the source 
location, wherein communications associated with the source location are restricted as a 
result of being included on the ACL. 

7. (Original) The apparatus of Claim 1, wherein the IDS module and the main 
CPU are included in a network element, the network element being selected from a group of 
elements consisting of: 

(a) a router; 

(b) a bridge; 

(c) a switch; 

(d) a loadbalancer; 

(e) a processor; and 

(f) a gateway. 
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8. (Currently Amended) A method for implementing traffic management, 
comprising: 

communicating receiving, at an intrusion detection system (IDS) module, a copy of 
one or more incoming packets from a main central processing unit (CPU), the IDS module 
having an IDS CPU ; 

determining that the IDS CPU has reached a particular threshold indicating that the 
IDS module is low on a resource; 

identifying a volume associated with the incoming packets in response to the 
determination; 

in order to communicate communicating feedback information to a main central 
processing unit (CPU) the main CPU , the feedback information signaling that an intrusion 
detection system (IDS) the IDS module is expending a designated amount of r e s o urc e s low 
on the resource ; and 

responding to the feedback information by restricting a number of additional 
incoming packets that are received by the main CPU. 

9. (Original) The method of Claim 8, further comprising: 

identifying a plurality of thresholds, one or more of which are operable to trigger the 
feedback information to be communicated to the main CPU by the IDS module, the one or 
more thresholds each representing volume levels of incoming packets that are received by the 
IDS module. 

10. (Original) The method of Claim 8, wherein the IDS module communicates 
with the main CPU based on a selected one of a router blade control protocol (RBCP) and a 
simple network management protocol (SNMP). 

1 1 . (Original) The method of Claim 8, further comprising: 

communicating an alarm to a network management element that signals that the IDS 
module has reached a certain volume level associated with an amount of incoming packets 
received. 
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12. (Original) The method of Claim 8, further comprising: 

executing a transmission control protocol (TCP) reset in order to indicate an attack is 
being seen from a source address such that a connection corresponding to the source address 
may be torn down. 

13. (Original) The method of Claim 8, further comprising: 

blocking a source location by establishing an access control list (ACL) that includes 
the source location, wherein communications associated with the source location are 
restricted as a result of being included on the ACL. 

14. (Original) The method of Claim 8, further comprising: 

increasing the volume associated with the incoming packets based on additional 
feedback being received from the IDS module, the additional feedback reflecting a reduced 
volume associated with the incoming packets. 

15. (Currently Amended) A system for implementing traffic management, 
comprising: 

means for communicating receiving, at an intrusion detection system (IDS) module, a 
copy of one or more incoming packets from a main central processing unit (CPU), the IDS 
module having an IDS CPU ; 

means for determining that the IDS CPU has reached a particular threshold indicating 
that the IDS module is low on a resource; 

means for identifying a volume associated with the incoming packets in response to 
the determination; 

in order to communicate means for communicating feedback information to a main 
central processing unit (CPU) the main CPU , the feedback information signaling that an 
intrusion detection system (IDS) the IDS module is expending a designated amount of 
resources low on the resource ; and 

means for responding to the feedback information by restricting a number of 
additional incoming packets that are received by the main CPU. 
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16. (Original) The system of Claim 15, further comprising: 

means for identifying a plurality of thresholds, one or more of which are operable to 
trigger the feedback information to be communicated to the main CPU by the IDS module, 
the one or more thresholds each representing volume levels of incoming packets that are 
received by the IDS module. 

17. (Original) The system of Claim 15, wherein the IDS module communicates 
with the main CPU based on a selected one of a router blade control protocol (RBCP) and a 
simple network management protocol (SNMP). 

18. (Original) The system of Claim 15, further comprising: 

means for communicating an alarm to a network management element that signals 
that the IDS module has reached a certain volume level associated with an amount of 
incoming packets received. 

19. (Original) The system of Claim 15, further comprising: 

means for executing a transmission control protocol (TCP) reset in order to indicate 
an attack is being seen from a source address such that a connection corresponding to the 
source address may be torn down. 

20. (Original) The system of Claim 15, further comprising: 

means for blocking a source location by establishing an access control list (ACL) that 
includes the source location, wherein communications associated with the source location are 
restricted as a result of being included on the ACL. 

21. (Original) The system of Claim 15, further comprising: 

means for increasing the volume associated with the incoming packets based on 
additional feedback being received from the IDS module, the additional feedback reflecting a 
reduced volume associated with the incoming packets. 
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22. (Currently Amended) Software for implementing traffic management, the 
software comprising computer code such that when executed is operable to: 

communicate receive, at an intrusion detection system (IDS) module, a copy of one or 
more incoming packets from a main central processing unit (CPU), the IDS module having 
an IDS CPU ; 

determine that the IDS CPU has reached a particular threshold indicating that the IDS 
module is low on a resource; 

identify a volume associated with the incoming packets in response to the 
determination; 

in order to communicate feedback information to a main central processing unit 
(CPU) the main CPU , the feedback information signaling that a n intrusion detection system 
(IDS) the IDS module is expending a designated amount of resources low on the resource ; 
and 

respond to the feedback information by restricting a number of additional incoming 
packets that are received by the main CPU. 

23. (Original) The medium of Claim 22, wherein the code if further operable to: 
identify a plurality of thresholds, one or more of which are operable to trigger the 

feedback information to be communicated to the main CPU by the IDS module, the one or 
more thresholds each representing volume levels of incoming packets that are received by the 
IDS module. 

24. (Original) The medium of Claim 22, wherein the IDS module communicates 
with the main CPU based on a selected one of a router blade control protocol (RBCP) and a 
simple network management protocol (SNMP). 

25. (Original) The medium of Claim 22, wherein the code if further operable to: 
communicate an alarm to a network management element that signals that the IDS 

module has reached a certain volume level associated with an amount of incoming packets 
received. 
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26. (Original) The medium of Claim 22, wherein the code if further operable to: 
execute a transmission control protocol (TCP) reset in order to indicate an attack is 

being seen from a source address such that a connection corresponding to the source address 
may be torn down. 

27. (Original) The medium of Claim 22, wherein the code if further operable to: 
block a source location by establishing an access control list (ACL) that includes the 

source location, wherein communications associated with the source location are restricted as 
a result of being included on the ACL. 

28. (Original) The medium of Claim 22, wherein the code if further operable to: 
increase the volume associated with the incoming packets based on additional 

feedback being received from the IDS module, the additional feedback reflecting a reduced 
volume associated with the incoming packets. 
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